New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
geodesic.c:sincosdx runtime error: nan is outside the range of representable values of type 'int' #843
Comments
I recommend
so that it doesn't require the C99 function |
I'm not sure if converting a nan to zero makes sense, but cffk's patch is better than mine. |
The nan to zero conversion is safe in this case! (The integer |
By the way, the current code is "right". The undefined value assigned in
doesn't affect the result. Ideally, there would be a way to tell fuzzer to ignore this problem. Is there? |
It's not a fun situation. Just because it works now in the compilers that we all are generally seeing doesn't mean that undefined behavior will work for all compilers, especially in the future. I know of one compiler that can trigger e.g. https://trac.osgeo.org/gdal/browser/trunk/gdal/gcore/gdaldataset.cpp?rev=41181#L2815 |
Hmm... I was reading "the behavior is undefined if the value cannot be represented ..." as "the value is undefined if the value cannot be represented ..." . If it's really the case the the program could abort, I'll need to handle this. |
I had to apply the above patch locally as I am indeed seeing SIGILL with the gie tests when a nan is passed. |
OK, thanks. I'm looking at similar issues elsewhere in GeographicLib. I want a consistent way of handling this (and possible problems when the value is bigger than the maximum integer). For example in this case, I could use
|
Perhaps a function that does a narrowing cast and clamp? modulo style guide and better naming
|
Yes, I can do fixes for all three of these. Should I start with the master branch or a 5.0.1-specific branch? |
Just work on the master branch. I'll cherry-pick the relevant commits to the 5.0 branch once committed to master. The 5.0.1 release will then be based on the 5.0 branch that only contains bug fixes cherry-picked from master. |
Other ones I've run into with ASAN and fuzzing. My quick hacks to avoid triggering the issues are not necessarily okay.
|
@schwehr Btw, could you run your tests with HAVE_C99_MATH (e.g., by removing the |
Thanks for pointing out HAVE_C99_MATH. While I have looked at the code many of times, it never registered on me that I should be setting it. Sigh. I am now. Tried it and it seems to work. Checking the behavior with gunit, it looks safe. However quo is not always set. And that behavior is not called out in the man page on debian testing linux. I didn't look into math error.
quick gunit test that I just wrote for remquo
|
Whoops, I didn't mean to close this issue. I only addressed the one issue of NaN -> int conversion in |
See OSGeo#843 Found with autofuzz UndefinedBehaviorSanitizer (UBSan)
Fixed in #887. |
is returned; however, reportedly, a program can crash in this case, see OSGeo/PROJ#843 At present, the fix is only in place for the C library. Still need to handle other cases of float -> int conversion. (A check already in place in the python library.)
is returned; however, reportedly, a program can crash in this case, see OSGeo/PROJ#843 At present, the fix is only in place for the C library. Still need to handle other cases of float -> int conversion. (A check already in place in the python library.)
Original from the fuzzer:
Fuzzer input was:
A patch that is unlikely to be good, but prevents the sanitizer failure:
Assuming that I translated this correctly to cs2cs:
The text was updated successfully, but these errors were encountered: